1. Field of Invention
The present invention is related to security systems in general, and more specifically directed to a security system that uses security clearance cards with increased storage space and increased security for information store thereon, and a security system that selectively controls access to data on the card by different card readers and operators, as well as selective controlled access to different portions of a facility by a cardholder.
2. Description of Related Art
Most companies and governmental entities use security systems to control access to facilities, data, etc. Access is typically controlled through the use of security clearance cards and/or password access. Many conventional security systems are electronically operated through the use of card readers, biometric scanners, and the like. Further, many conventional security systems are network based. Specifically, these systems use a centralized data server that contains security access codes and data related to personnel allowed access to a facility, data, etc., such as a security identification number associated with the personnel and/or stored biometrics associated with the personnel. In general, these conventional security systems operate in a centralized networked mode, which can slow access decision-making. Further, the clearance cards used in these systems may be rudimentary in that they only include tokens used to identify data associated with the user located in the server, or the cards may include processors and memory that may be easily compromised. Conventional security systems also typically do not include complex decision-making concerning access to facilities and locations. Specifically most systems only use a standard entry/no-entry decision-making and do not allow for dynamic alteration of access criteria. Finally, many conventional security systems do not have the ability to limit access to different levels of information stored on a security clearance card by different security readers and security employees. These issues are discussed more fully below.
Security clearance cards are typically issued to individuals who have been approved to access a particular location, object, information, electronic media, and/or any other tangible or intangible item to which access is limited. For example, organizations that include items to which access is restricted, usually issue security clearance cards to those individuals who the organization deems authorized to access the items. The security clearance cards therefore may carry some type of information, indication and/or means that permit the person carrying the card to access one or more restricted items, For example, a card may include visual information so that a security guard or other personnel may visually inspect the card to ensure that the card is valid, and/or the card may include information that allows automated access to the restricted item.
Usually individuals must undergo some type of background check prior to issuance of a security clearance card, such as by providing evidence of their identity, i.e. a birth certificate, proof of address, drivers license, social security card, visa, passport, and/or any other information that demonstrates the individual's identity. In addition individuals may have to provide detailed information regarding their background, such as education, prior jobs, affiliations, and/or any other information regarding the individual's history that is pertinent to the particular type of background check. Once the desired information regarding the individual is accumulated, it may be verified in whatever manner is acceptable to the organization to ensure that the information is valid.
Some conventional security cards may include bar codes, magnetic strips, and/or other similar type(s) of data storage devices, for encoding data associated with the individual to whom the card is issued. The cards may also include other types of data in addition to the basic identity and access data described above.
In some security systems, a biometric of the cardholder is used for verification. In these systems, one or more biometrics of the cardholder, such as a fingerprint, a retina scan, a voice sample, DNA sample or the like, are taken of the cardholder and stored on a centralized database of the security system. A token or other identifier is then stored on the card in the form of a bar code or similar encoded device. In operation, when the holder presents the card to a card reader, the token associated with a biometric is read. The security system uses the token to then poll the network database to retrieve the token associated with the holder. Further, the holder also has their biometric scanned with a biometric scanner connected to the security system. The security system compares the scanned biometric taken from the scanner with the stored biometric taken from the card to determine whether the person presenting the card is the registered cardholder.
As mentioned, the biometric identifier is typically not stored directly in the security card. Instead, a token is stored in the card, and the token provides the information necessary to query a remote database in which the biometric identifier associated with the owner of the card is stored. Therefore, a card reader may read the token stored in the card, and then query the appropriate remote database based upon the instructions provided by the token. In this instance, the card reader must be in continuous or semi-continuous communication with the remote database in order to verify the cardholder. In other words, the comparison of the stored biometric with a scanned biometric is dependent upon the card reader's capability to communicate with the remote database. In addition, the integrity of the stored biometric is dependent upon the integrity of the remote database. The biometric comparison may easily be jeopardized because communication between the card reader and the remote database may be blocked, and/or the remote database may become intentionally or inadvertently corrupted. Further, there may be added delay associated with polling and retrieving the biometric from the remote database. Also, the requirement of a network connection for card readers may not be practical for instances where the security system is used at a remotely located security checkpoint.
Another disadvantage of many conventional security card systems is storage capacity. The amount of data that can be stored in these conventional cards may be limited by the amount of data that may be encoded into the bar code, magnetic strip and/or others similar type(s) of data storage means printed on the face of the card.
Recently, business cards have been developed that use a CD-ROM for data storage. These business cards include a CD-ROM that has been shaped to resemble a card. Located on a surface of the CD-ROM is business data related to the card owner, such as name, title, company, address, phone number, etc. These business cards are advantageous as they allow for added storage of data on the CD-ROM. For instance, CD-ROM cards have been utilized to store data about a company associated with the card owner. This data can be viewed by a recipient of the business card via a conventional CD-ROM player.
Although CD-ROM business cards increase the amount of data that can be stored in a card, these conventional cards are not suitable for use in a security setting. Specifically, while these conventional business cards include information on the front of the card such as name, company, address, etc. and additional marketing information about the company stored on the CD-ROM, there is typically no information either printed on or stored in the card that verifies to a recipient that the card belongs to the card owner. Therefore, if an individual presents a CD-ROM card, there is no way to ensure that the CD-ROM card belongs to that individual, or that the data carried by the card is associated with the individual.
Smart cards have also been developed for use in security systems. Smart cards include either an embedded memory or both an embedded memory and a processor. These cards allow for additional data information storage on the security card. Further, the processor can be used to perform processing of data stored in the memory. These cards, however, also may have associated security issues. Specifically, smart carts are susceptible to hacking. Once the procedures for reading and writing to the memory of the smart card are determined, the security data on the card can be easily accessed and changed. As such, the card could be either compromised or altered for used by a non-authorized person.
In addition to the shortcomings associated with conventional security clearance cards, there are also some shortcomings with the security systems themselves. One issue is limiting data access. Specifically, it may be desirable to include a wide range of data on a security card, where some of the data is more sensitive than other portions of the data. For example, in addition to data for verifying the cardholder, the card may also include personal data about the cardholder such as financial, medical, and criminal records. In these instances, it is important to limit access to the personal data, while at the same time allowing access to data for verifying the owner of the card. Unfortunately, for many conventional security cards, this is not possible. There typically is no way to ensure that personnel operating a card reader cannot access all of the data stored on the card. Therefore, typically anyone capable of reading the card is authorized to view all of the data stored on the card, which may limit the type of data a card owner will be willing to store on the card, unless the only person accessing the data carried by the card is the owner of the card.
An additional problem with many conventional security systems is flexibility in deciding who does and who does not have access to a facility or data, or anything else to which security is required. Specifically, many conventional systems operate on “go/no go” decision-making. The list of those allowed access to a certain facility, data, etc., is hard coded in the system and cannot be altered dynamically. For example, an individual may originally have authorization to access one portion of a facility, but not another portion of the facility. For many conventional security systems, the list of individuals provided access to the second portion of the facility will have to be manually updated with the individual's information and then provided to the card reader or security gate at the second portion of the facilities entrance. This can be time consuming, especially in situations where the list of individuals allowed access to a facility is altered on a regular basis.
In light of these shortcomings in the prior art, there is a need for a security card that is capable of carrying large amounts of data, while also providing means for verifying the identity of an owner of the card. Cards are also needed that are less tamper proof and provide added data security. In addition, there is a need for such a card that limits access to different levels of data stored on the card based on the security level of the individual attempting to gain access to the information. Needs also exist for security systems that do not require constant connection to a network to verify security information, as well as security systems that allow for dynamic updating of information related to who is allowed access to facilities.